Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

TORONTO—Canada, just like every other country, company and individual in the world, is a target of cyber-crime and nation-state-based attackers. The government of Canada, however, is not sitting idly by and has an active strategy to defend its networks.

In a keynote address at the SecTor security conference here on Oct. 2, Scott Jones, head of the Canadian Centre for Cyber Security at the Canadian Security Establishment (CSE), outlined the key steps being taken by the government of Canada and how individuals and organizations around the world can benefit from the same approach.

"Every day, the CSE blocks hundreds of millions of malicious activities directed at the government of Canada, including up to one billion reconnaissance scans for vulnerabilities and over 25 million attempts to install malware on government networks," Jones said. "We decided to break the cycle and make it harder for people to discover our vulnerabilities."

Further reading

The Canadian Centre for Cyber Security is a new organization and is part of the CSE, which has a mandate similar in nature to the National Security Agency (NSA) in the United States.

A primary activity that the CSE is engaged in is to make it more difficult for attackers to scan Canadian government networks, according to Jones. By making it more difficult to scan, he said attackers don't get visibility into what software and services are running on government networks. Without knowing what is on a network, he said it's more difficult for an attacker to exploit that network.

"We work hard to increase the cost to attack the government. You have to work a lot harder to do reconnaissance against us," he said.

As an aside, by preventing scanning, Jones said the government of Canada has recognized a cost savings, since the load on networks and servers has been reduced drastically.

Attribution

The biggest threat to Canadians online is cyber-crime, and in the modern world, Canadians are just much at risk as anyone in the world, according to Jones. Attacks come from all over the world; Jones said the CSE has observed attacks coming from different places and are motivated by an array of different factors.

"These threats are serious and are growing increasingly complex," he said. "It is now also difficult to distinguish between cyber-crime and nation-state attacks."

How to Improve Cyber-Resiliency

There are multiple things individuals and organizations around the world can do to help limit cyber-risks.

"Sometimes simple things will make a difference," Jones said.

Jones suggests that organizations harden their operating systems and applications. He also said that not every application or service needs to be on all the time or publicly facing the internet. In his view, most cyber-adversaries are lazy and will move on to easier targets if they hit an obstacle.

"By doing the basics, you're making the adversaries that come after you deploy more advanced tools and techniques, and you just might not be worth the expense," Jones said. "My ultimate goal is to make Canada unattractive to cyber-criminals and data hackers, because our community is vigilant and engaged so much so that threat actors aren't enticed to even attack us."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.